For Stacey, a Relationship Associate in NAB Private, customers requesting to make large transfers is pretty normal.
But recently, when Stacey was asked by Brody*, a NAB Private customer to transfer $6m as part of a capital raising round to an international account, her instinct kicked in and she started searching for more info.
“When Brody asked to make this transfer, everything seemed pretty normal,” said Stacey. “It was pretty consistent with other transfers he’s made in the past and was to a regular recipient.”
Just to be sure, Stacey called Joel to confirm that the details were correct. He assured her that they were.
“He asked me to pick this up with his accountant as he was about to catch a flight,” said Stacey, “so I spoke to his accountant to double check he wanted this to go into a Singaporean account.”
“I asked the accountant to call the supplier, the end recipient of the funds, to make sure this was what they wanted as there would be international fees.”
The red flags
As Stacey was waiting for confirmation from the accountant, she read through some of the previous emails between the customer and the recipient and noticed a few changes throughout the email chain.
“I first noticed the word ‘group’ misspelt as ‘gruop’ and the tone in some of the greetings was slightly different,” she said. “I could also see the account had changed to an overseas account and the date of the payment had been brought forward, so there were a few red flags jumping out at me.”
I called the accountant right away to make sure they didn’t process any payments to this account.
It turned out Stacey was right, and she had just saved the customer and the supplier from a $6m transfer to a criminal.
“The supplier’s emails had been hacked by a criminal who then impersonated employees from the organisation,” said Chris Sheehan, Executive, Group Investigations and Fraud. “They changed the banking details on invoices in the hope of receiving the funds.”
Business email compromise
This type of activity is known as business email compromise, and unfortunately, it’s on the rise.
Business email compromise is when an organisation’s email account is taken over by criminals to conduct fraudulent activities such as sending fake invoices, requesting updates to bank account details, or intercepting and altering inbound payment details.
